iptables help port forwarding

Hi,
I have 2 ethernet cards. I use the first one (eth0) to connect to DSL, and the interface of the DSL is dsl0. The other, eth1, is connected directly to a switch. I want to port forward to 192.168.5.20:6000. I also want to route all my other clients who want to connect to port 6000 to IP 192.168.5.20.

iptables -t nat -A PREROUTING -i dsl0 -p tcp --dport 6000 -j DNAT --to-destination 192.168.5.20:6000

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 6000 -j DNAT --to-destination 192.168.5.20:6000

But I can’t see the port open. Any suggestions?

Did you open port 6000 in /etc/sysconfig/SuSEfirewall2?

Please confirm: Connections from the outside (EXT = dsl0) for port 6000 should go to a host with IP=192.168.5.20 within your LAN?

And connections from within the LAN to the firewall host port 6000 should end up at 192.168.5.20:6000 (another LAN host) as well?

I guess you should be able to configure this directly in /etc/sysconfig/SuSEfirewall2. Have a look at FW_FORWARD and FW_FORWARD_MASQ.

Did you open port 6000 in /etc/sysconfig/SuSEfirewall2?

Please confirm: Connections from the outside (EXT = dsl0) for port 6000 should go to a host with IP=192.168.5.20 within your LAN?

Yes, I can connect to the service that I put on port 6000 from a different public IP, and I also used the Open Port Check Tool and it confirms that my port is open.

But I can’t access the service from the LAN.

You can try:

iptables -t nat -A PREROUTING -p tcp -i eth0 -d <IP Address of eth0> --dport 6000 -j DNAT --to-destination 192.168.5.20

Regards,
SUSE LINUX Enterprise & openSUSE Community - Index

Still no luck =(
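
Added example, not part of any post in this thread: when a LAN client is DNATed to a server on the same subnet, the server answers the client directly and the client drops the reply, so a source-NAT rule on the LAN interface is needed as well. The function name `hairpin_rules`, the subnet 192.168.5.0/24 and the dialled address 192.0.2.10 are assumptions; the script only prints the rules.

```shell
#!/bin/sh
# Added example: print (not apply) the rules needed so that LAN clients can
# reach a port-forwarded server that sits on their own subnet ("hairpin" NAT).

# hairpin_rules LAN_IF LAN_NET DIAL_IP SERVER_IP PORT
#   LAN_IF    interface facing the LAN (eth1 in the thread)
#   LAN_NET   LAN subnet in CIDR form (assumed, the thread gives one host only)
#   DIAL_IP   address the LAN clients connect to on the firewall
#   SERVER_IP internal server (192.168.5.20 in the thread)
hairpin_rules() {
    if [ "$#" -ne 5 ]; then
        echo "usage: hairpin_rules LAN_IF LAN_NET DIAL_IP SERVER_IP PORT" >&2
        return 2
    fi
    lan_if=$1 lan_net=$2 dial_ip=$3 server=$4 port=$5

    # Reject a non-numeric or out-of-range port before printing anything.
    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 2 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || { echo "bad port: $port" >&2; return 2; }

    # 1. LAN traffic enters on the LAN interface, so the DNAT rule must match it.
    echo "iptables -t nat -A PREROUTING -i $lan_if -s $lan_net -d $dial_ip" \
         "-p tcp --dport $port -j DNAT --to-destination $server:$port"
    # 2. Rewrite the source to the firewall's LAN address so the server replies
    #    through the firewall instead of straight to the client.
    echo "iptables -t nat -A POSTROUTING -o $lan_if -s $lan_net -d $server" \
         "-p tcp --dport $port -j MASQUERADE"
    # 3. Let the redirected connection and its replies through the FORWARD chain.
    echo "iptables -A FORWARD -i $lan_if -o $lan_if -d $server" \
         "-p tcp --dport $port -j ACCEPT"
    echo "iptables -A FORWARD -i $lan_if -o $lan_if" \
         "-m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
}

# Constructed sample values; 192.0.2.10 stands in for the dialled address.
hairpin_rules eth1 192.168.5.0/24 "${DIAL_IP:-192.0.2.10}" 192.168.5.20 6000
```

Rules added by hand are lost when SuSEfirewall2 reloads its rule set, and with rule 2 in place the server logs the firewall's LAN address instead of the real client address.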